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Amendments to the Claims: 
This listing of claims replaces all prior versions and listings of claims in the application: 

Listing of Claims : 

1. (Currently Amended) A method comprising: 

receiving, at a server, a request from a client to take an action with respect to an 
electronic document; 

retrieving a document identifier from the request; 

determining whether user authentication is needed based on the document 
identifier and the action; 

subsequent to retrieving the document identifier, sending information specifying 
an acceptable authentication procedure; 

receiving an authentication procedure update request from the clien t, the 
authentication procedure update request associated with the electronic document ; 

obtaining, at the server and in response to the request, a software program 
comprising instructions operable to cause one or more data processing apparatus to perform 
operations effecting an die authentication procedure; and 

sending the authentication program to the client for use in identifying a current 
user and controlling the action with respect to the electronic document based on the current user 
and document-permissions information associated with the electronic document. 

2. (Original) The method of claim 1, wherein obtaining the software program 
comprises requesting and receiving the software program from a second server. 

3. (Currently Amended) A method comprising: 

receiving, at a server, a request from a client to take an action with respect to an 
electronic document; 
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obtaining, at the server and in response to the request, a software program 
comprising instructions operable to cause one or more data processing apparatus to perform 
operations effecting an authentication procedure; 

sending the authentication program to the client for use in identifying a current 
user and controlling the action with respect to the electronic document based on the current user 
and document-permissions information associated with the electronic document; 

receiving an updated authentication procedure , the updated authentication 
procedure associated with the electronic document; 

receiving a subsequent request from the client to take the action with respect to 
the electronic document; 

obtaining, in response to the subsequent request, a new software program 
comprising instructions operable to cause one or more data processing apparatus to perform 
operations effecting the updated authentication procedure; and 

sending the new software program to the client for use in identifying the current 
user and controlling the action with respect to the electronic document based on the current user 
and the document-permissions information associated with the electronic document. 

4. (Original) The method of claim 1 , wherein the software program uses an existing 
interface provided by the client to communicate authentication information to the server. 

5. (Original) The method of claim 1, further comprising: 

receiving credentials information from the client derived at least in part based on 
input obtained by the client using the software program; and 

communicating with a third party authentication server to authenticate the current 
user based on the credentials information. 

6. (Original) The method of claim 5, wherein the input obtained by the client 
comprises text input. 
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7. (Original) The method of claim 5, wherein the input obtained by the client 
comprises biometric data. 

8. (Original) The method of claim 1 , further comprising: 

receiving from the client an authentication receipt obtained by the client from a 
third party authentication server based on input obtained by the client using the software 
program; and 

verifying the current user with the third party authentication server using the 
authentication receipt. 

9-22. (Canceled) 

23. (Currently Amended) A system comprising: 

a client that sends a request to a server when an action is to be taken with respect 
to an electronic document local to the client; 

the server that receives the request, and in response to the client, the server 
obtains and sends a software program comprising instructions operable to cause one or more data 
processing apparatus to perform operations effecting an authentication procedure; and 

wherein the client uses the authentication program to identify a current user and 
control the action with respect to the electronic document based on the current user and 
document-permissions information associated with the electronic documen t, and wherein the 
action comprises an action taken with respect to the electronic document subsequent to opening 
the electronic document at the client. 



24. (Original) The system of claim 23, further comprises a second server that 
provides the software program. 
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25. (Original) The system of claim 23, wherein the client includes a security handler 
that provides a server-communication interface to the software program. 

26. (Original) The system of claim 23, further comprising a third party authentication 
server that authenticates the current user based on credentials information derived at least in part 
based on input obtained at the client using the software program. 

27. (Original) The system of claim 26,wherein the client obtains an authentication 
receipt from the third party authentication server and forwards the authentication receipt to a 
server for verification. 

28. (Original) The system of claim 23, wherein the server comprises: 
a server core with configuration and logging components; 

an internal services component that provides functionality across dynamically 
loaded methods; and 

dynamically loaded external service providers, including an authentication service 

provider. 

29. (Original) The system of claim 23, further comprising: 

a business logic tier comprising a cluster of document control servers, including 

the server; 

an application tier including the client comprising a viewer client, a securing 
client, and an administration client; and 

a load balancer that routes client requests to the document control servers. 



30-34. (Cancelled) 
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35. (Previously Presented) The system of claim 23, wherein the server obtains the 
software program by requesting and receiving the software program from a second server. 



36. (Previously Presented) The system of claim 23, wherein the server receives a 
subsequent request from the client to take the action with respect to the electronic document, 
obtains, in response to the subsequent request, a new authentication process, and sends the new 
authentication process to the client for use in identifying the current user and controlling the 
action with respect to the electronic document based on the current user and the document- 
permissions information associated with the electronic document. 

37. (Previously Presented) The system of claim 23, wherein the software program 
uses an existing interface provided by the client to communicate authentication information to 
the server. 



38. (Previously Presented) The system of claim 23, wherein the server receives 
credentials information from the client derived at least in part based on input obtained by the 
client using the software program, and communicates with a third party authentication server to 
authenticate the current user based on the credentials information. 



39. (Previously Presented) The system of claim 38, wherein the input obtained by the 
client comprises text input. 

40. (Previously Presented) The system of claim 38, wherein the input obtained by the 
client comprises biometric data. 

41 . (Previously Presented) The system of claim 23, wherein the server receives from 
the client an authentication receipt obtained by the client from a third party authentication server 
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based on input obtained by the client using the software program, and verifies the current user 
with the third party authentication server using the authentication receipt. 

42. (Previously Presented) The system of claim 23, wherein the server retrieves a 
document identifier from the request, determines whether user authentication is needed based on 
the document identifier and the action, sends information specifying an acceptable authentication 
procedure, and receives an authentication procedure update request from the client. 



